Documentation ¶
Index ¶
- Constants
- func GenerateSelfSignedCert(certsDirectory string, name string, namespace string) (string, string, error)
- func GetOrCreateCA(client kubernetes.Interface, namespace, secretName, caName string) (*triple.KeyPair, error)
- func GetOrCreatePrivateKey(client kubernetes.Interface, namespace, secretName string) (*rsa.PrivateKey, error)
- func SaveKeyPairAndCert(client kubernetes.Interface, namespace, secretName string, ...) (bool, error)
- type KeyPairAndCert
- func GetKeyPairAndCert(client kubernetes.Interface, namespace, secretName string) (*KeyPairAndCert, error)
- func GetOrCreateClientKeyPairAndCert(client kubernetes.Interface, namespace, secretName string, ...) (*KeyPairAndCert, error)
- func GetOrCreateServerKeyPairAndCert(client kubernetes.Interface, namespace, secretName string, ...) (*KeyPairAndCert, error)
- type KeyPairAndCertBytes
Constants ¶
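// Keys under which TLS and RSA material is stored inside a secret.
const (
	// KeyStoreTLSKeyFile is the key in a secret containing the TLS key
	KeyStoreTLSKeyFile = "tls.key"

	// KeyStoreTLSCertFile is the key in a secret containing the TLS cert
	KeyStoreTLSCertFile = "tls.crt"

	// KeyStoreTLSCAFile is the key in a secret containing a CA cert
	KeyStoreTLSCAFile = "ca.crt"

	// KeyStorePrivateKeyFile is the key in a secret containing an RSA private key
	KeyStorePrivateKeyFile = "id_rsa"

	// KeyStorePublicKeyFile is the key in a secret containing an RSA public key
	KeyStorePublicKeyFile = "id_rsa.pub"
)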
Variables ¶
This section is empty.
Functions ¶
func GenerateSelfSignedCert ¶ added in v1.4.0
func GenerateSelfSignedCert(certsDirectory string, name string, namespace string) (string, string, error)
GenerateSelfSignedCert generates a self-signed certificate keyFile, certFile pair to be passed to http.ListenAndServeTLS. The first return value is the keyFile name, the second the certFile name. The caller is responsible for creating a writeable directory and cleaning up the generated files afterwards. Because the key file holds the certificate's private key, the directory should be accessible only to the process that serves TLS.
func GetOrCreateCA ¶
func GetOrCreateCA(client kubernetes.Interface, namespace, secretName, caName string) (*triple.KeyPair, error)
GetOrCreateCA will get the CA KeyPair, creating it if necessary
func GetOrCreatePrivateKey ¶
func GetOrCreatePrivateKey(client kubernetes.Interface, namespace, secretName string) (*rsa.PrivateKey, error)
GetOrCreatePrivateKey gets or creates a private key secret
func SaveKeyPairAndCert ¶
func SaveKeyPairAndCert(client kubernetes.Interface, namespace, secretName string, keyPairAndCA *KeyPairAndCert, owner *metav1.OwnerReference) (bool, error)
SaveKeyPairAndCert saves a private key, a cert, and optionally a CA cert to Kubernetes
Types ¶
type KeyPairAndCert ¶
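// KeyPairAndCert holds a KeyPair and an optional CA certificate.
type KeyPairAndCert struct {
	// KeyPair is the key pair held by this value.
	KeyPair triple.KeyPair

	// CACert is the optional CA certificate. For a server key pair it is the
	// CA that signed client certs; for a client key pair it is the CA that
	// signed the server cert.
	CACert *x509.Certificate
}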
KeyPairAndCert holds a KeyPair and an optional CA. In the case of a server key pair, the CA is the CA that signed client certs. In the case of a client key pair, the CA is the CA that signed the server cert.
func GetKeyPairAndCert ¶
func GetKeyPairAndCert(client kubernetes.Interface, namespace, secretName string) (*KeyPairAndCert, error)
GetKeyPairAndCert will return the secret data if it exists
func GetOrCreateClientKeyPairAndCert ¶
func GetOrCreateClientKeyPairAndCert(client kubernetes.Interface, namespace, secretName string, caKeyPair *triple.KeyPair, caCert *x509.Certificate, commonName string, organizations []string, owner *metav1.OwnerReference) (*KeyPairAndCert, error)
GetOrCreateClientKeyPairAndCert creates a secret for the upload proxy
func GetOrCreateServerKeyPairAndCert ¶
func GetOrCreateServerKeyPairAndCert(client kubernetes.Interface, namespace, secretName string, caKeyPair *triple.KeyPair, clientCACert *x509.Certificate, commonName string, serviceName string, owner *metav1.OwnerReference) (*KeyPairAndCert, error)
GetOrCreateServerKeyPairAndCert creates a secret for an upload server
type KeyPairAndCertBytes ¶
KeyPairAndCertBytes contains the PEM encoded key data
func GetKeyPairAndCertBytes ¶
func GetKeyPairAndCertBytes(client kubernetes.Interface, namespace, secretName string) (*KeyPairAndCertBytes, error)
GetKeyPairAndCertBytes returns the raw bytes stored in the secret